Delving Deeper: Basic Windows XP Security

Windows XP is the current "flagship" Operating System from Microsoft. It was released in 2001, and if you've purchased a computer since then, you probably have it now--just about any PC you buy today is going to come with XP pre-installed. In this article we'll discuss some basic measures that you can take to make your XP machine a bit more secure.

With this many different versions of Windows XP out there (Windows XP Home, Professional, Media, etc.) it's very important to learn at least a few things about protecting your computer. If you plan on using your computer to connect to the internet, it becomes even more important.

With the number of disasters we saw in 2005, many folks don't even want to hear about the rising number of intricate and increasingly complex attacks that occur over the internet. Around the time that this article was written, a new virus was all over the news; it was set to go off some time this month, deleting many types of files from its victims' computers.

This is only one of the many known worms and viruses making the rounds these days. My last article taught you to become better protected against spyware, so now that you have this software installed and protecting you, you may ask, what's left? More than most want to know. Read on to find out how you can further protect yourself from the poisons of the internet.

The first step - Using passwords

Just like at work, anyone who uses your computer at home should use a login. By default, Windows XP doesn't ask for any login information or make you authenticate yourself in any way in order to access the system.

This ill-advised practice was meant to make the experience of using a computer easier for everyone. It also provides anyone with access to your machine the ability to read, view, and delete all of your files, so our first step is going to be setting up accounts and passwords for all users. People coming from a UNIX or Linux background should be used to this, as both of those operating systems make you log in by default.

Finding the user account settings menu of Windows XP

To set up user accounts, click on the Start menu, then click on "Control Panel." The Control Panel window should open up. On the right-hand side you'll see "User Accounts". Click on that button and another window loads--this is where you'll be setting passwords and creating user accounts for those who need them.

For the most part, adding users and passwords is easy to understand, but I'm going to walk you through a few things anyway. To start off, you'll see a list of the accounts that are currently on the machine. At this point you'll probably only see "Administrator" and "Guest". "Guest" should be turned off, as it's used as a default account in many versions of Windows and attackers have learned to look for it as a way to get some form of access to your computer.

Under "Or pick an account to change," click on the "Administrator" account. A new screen loads showing you some tasks you can perform from this area--the one you want to click on is "Create a password". After you have clicked on this button, a new menu loads up telling you to type a new password in and then again to verify the spelling. You may also enter in a password hint which is there to help you out in case you ever forget your password.

After you're done, click on "Create Password". You'll see a new screen asking "Do you want to make your files and folders private?" You should click on "Yes make private" to stop other users of the machine from accessing your files.

After this is done, you'll be taken back to your account settings. In the top left portion of your screen you'll see "Home" and you should click there to go back to the main account settings screen.

Adding a user account to Windows XP for personal use

You've probably been told many times that using the Administrator account for day-to-day work is a bad idea. This is very true. One reason is that when you are cleaning up your system, perhaps by deleting unneeded files, you can accidentally delete system files that Windows XP needs to work properly; with a non-Admin account, you can't do this.

To add another account to your system for day-to-day work, you use the same menu as for adding a password. At the top of that screen you'll see "Pick a task". The second option is called "Create a new account" and all you have to do is click on it to load the new account menu.

The screen asks you to type in a new account name--you can put whatever you'd like here, such as your name, and when you're done, you can click on the "next" button.

The next thing you'll see is a screen which asks you what type of account you want this to be. By default it has "Administrator" selected, which is a bad idea. Click on "Limited" and then click on "Create account".

When this has finished, you'll be taken back to the main screen. You should now see the new account listed under "Or pick an account to change". If you have friends or family that use the computer, you can repeat this process and set up accounts so that each person has their own login. Just make sure you don't make their accounts "Administrator" or they will be able to delete and change your settings.

How do I make a password effective, but still memorable?

This is a common problem for all of us. Well-meaning folks have all these precautions in place but a hacker either guesses their password or finds it written down on a piece of paper near the computer--or even worse, in the garbage where they threw it once they memorized their password. This is a big security hole, but how can you possibly make a good password and make it easy to remember at the same time? Like this:

Think of something that you're really into, for example, let's say that I'm into the punk rock band "The Misfits" and they released their first album in 1977. What does this have to do with a password? Easy--I use those little tidbits of information to create an effective password like this:

Tm1977jandgcprf

This could be edited into a decent password you could remember just by thinking about The Misfits. The above stands for "Themisfits1977JerryandGlennChangedPunkRockForever".

This is a decent password to start with, and to remember it, all you need to do is think of the clues that you left yourself. If you're really creative you can add to this by taking a song from the album in 1977, and make your password the first letter of a couple lyrics from one of the songs. This would be fairly easy to accomplish, because then your "password hint" could simply list the band, the song, and the year they came out.

To add to the effectiveness of this practice, you can use a pattern to make your password the first letter of the first word of the first song, then the second letter in the password could be the second letter of the second word in the second song, etc. This technique is just one example of how you can use your own favorite topics to create a password that is both easy to remember and effective.

Whatever you do, NEVER make your password from a word that appears in a dictionary. Password cracking tools are everywhere, and if your password can be found in a dictionary or is a very common word, a password cracker can easily find it and use it against you--you're much better off using something similar to the method I've just discussed.
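The phrase-to-password method, the first-letter/second-letter pattern, and the dictionary rule described above can be sketched in a few lines of Python. This is an added example, not part of the original article; the function names, the sample word list, and the made-up song lines are all assumptions for illustration.

```python
import re

# Constructed stand-in for a real dictionary file (assumption: in practice
# you would load a full word list, one word per line).
SAMPLE_WORDS = {"password", "misfits", "punk", "forever", "rock"}

def words_of(phrase):
    """Split a phrase into alphanumeric words, dropping punctuation."""
    return re.findall(r"[A-Za-z0-9]+", phrase)

def initials(phrase, keep_whole=("and",)):
    """First letter of each word; numbers and words in keep_whole stay whole."""
    parts = []
    for word in words_of(phrase):
        if word.isdigit() or word.lower() in keep_whole:
            parts.append(word.lower())
        else:
            parts.append(word[0].lower())
    joined = "".join(parts)
    return joined[:1].upper() + joined[1:]

def diagonal(lines):
    """Nth letter of the Nth word of the Nth line (1st/1st/1st, 2nd/2nd/2nd...).

    Assumption: when a line has too few words, or the word is too short,
    the position wraps around instead of failing.
    """
    out = []
    for i, line in enumerate(lines):
        words = words_of(line)
        if not words:
            continue  # skip blank lines
        word = words[i % len(words)]
        out.append(word[i % len(word)])
    return "".join(out)

def is_dictionary_word(candidate, wordlist=SAMPLE_WORDS):
    """True if the candidate is a listed word once edge digits/symbols are stripped."""
    core = candidate.strip("0123456789!@#$%^&*.-_ ").lower()
    return core in wordlist

if __name__ == "__main__":
    phrase = "The Misfits 1977 Jerry and Glenn Changed Punk Rock Forever"
    print(initials(phrase), is_dictionary_word(initials(phrase)))
    # Constructed lines standing in for song titles or lyrics.
    print(diagonal(["Bright Morning Train", "Silver Ocean Road",
                    "Paper Lantern Window Sky", "Go Home"]))
    print(is_dictionary_word("Misfits1977"))
```

The dictionary check strips digits and symbols from the ends before looking the word up, so a plain word with a year tacked on is still flagged.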

I hope you've learned something reading this article. The internet is everyone's responsibility--every machine that is secure is one less computer that hackers will be able to use against the rest of us. Stay safe, and stay informed!